package com.rankeiot.core.anno.interceptor;

import com.rankeiot.core.anno.Auth;
import com.rankeiot.core.Current;
import com.rankeiot.core.data.UserInfo;

import com.rankeiot.core.exception.AuthException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;


import java.util.Set;

/**
 * Auth 权限注解拦截器实现
 */
public class AuthInterceptor implements HandlerInterceptor {
    private static final int STATUS_NOT_LOGIN=401;
    private static final int STATUS_NO_PRIVILEGE=403;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if(handler instanceof HandlerMethod){

        }else{
            return true;
        }
        HandlerMethod hm=(HandlerMethod) handler;
        //controller方法上的注解
        Auth auth = hm.getMethodAnnotation(Auth.class);
        if(auth==null){
            //查找类上面的注解
            auth=hm.getBeanType().getAnnotation(Auth.class);
            if(auth==null){
                return true;
            }
        }
        //无需登录
        if (!auth.login()) {
            return true;
        }
        UserInfo userInfo = Current.user();
//        if(!hasPriv(userInfo,auth.userType(),auth.role(),auth.value(),auth.loginType())){
//           response.sendError(STATUS_NOT_LOGIN,"没有登录或者无权限");
//           return false;
//        }
        checkPriv(userInfo,auth.userType(),auth.role(),auth.value(),auth.subType());
        return true;
    }
    public static boolean checkPriv(UserInfo userInfo,char userType,String[] roles,String[] permissions,char[] subTypes) throws AuthException {
        if (userInfo == null) {
            throw new AuthException(STATUS_NOT_LOGIN,"未登录");
        }else{
            if(userType != userInfo.getUserType()){
                throw new AuthException(STATUS_NOT_LOGIN,"用户类型错误");
            }
        }
        //超级用户有全部权限
        if(userInfo.isSuper()){
            return true;
        }
        boolean subTypeOk=false;
        if(subTypes.length>0){
            for(char subType:subTypes){
                if(subType==userInfo.getSubType()){
                    subTypeOk=true;
                    break;
                }
            }
            if(!subTypeOk){
                throw new AuthException(STATUS_NO_PRIVILEGE,"没有权限");
            }
        }
        Set<String> userRoles = userInfo.getRoles();
        boolean hasRole = roles.length==0;
        for (String role : roles) {
            if (userRoles.contains(role)) {
                hasRole = true;
                break;
            }
        }
        if (!hasRole) {
            throw new AuthException(STATUS_NO_PRIVILEGE,"没有权限");
        }
        Set<String> userPermissions = userInfo.getPermissions();
        boolean hasPermission = permissions.length==0;
        for (String per : permissions) {
            if (userPermissions.contains(per)) {
                hasPermission = true;
                break;
            }
        }
        if (!hasPermission) {
            throw new AuthException(STATUS_NO_PRIVILEGE,"没有权限");
        }
        return true;
    }
}
